The Problem:
After adding maven repository secured with https protocol the following error appeared:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.
certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
But how to get the certificate and make java can find it?
Step 1. Fetching the certificate
echo | openssl s_client -showcerts -connect nexus:443 2>/dev/null | \
awk '/-----BEGIN CERTIFICATE-----/, /-----END CERTIFICATE-----/' > nexus.crt
Step 2. Find out where the java keystore is located
The following command will show java home dir
$ /usr/libexec/java_home
/Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home
The keystore is
jre/lib/security/cacerts file.
Step 3. Install the certificate with
keytool command
sudo keytool -importcert -alias nexus01 -keystore /Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home/jre/lib/security/cacerts -file nexus.crt
Hint: use
changeit or
changeme as a default password.
Step 4. Verify your certificate is on the list
$ keytool -list -keystore /Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home/jre/lib/security/cacerts | grep nexus01
nexus01, Nov 15, 2018, trustedCertEntry,
